A Distributed Service: Security, Blockchain and a Mycroft Token


#22

Whether or not Mycroft should build a distributed backend depends on how much, if at all, blockchain’s issues hinder Mycroft, especially when it comes to scalability. If there will be a high transaction volume, for example, it’s much better to stay centralized. Also, you might want to conduct a survey or otherwise find out how many people would be willing to be miners.

The real use case for blockchain in Mycroft is not only added security, but to further highlight the idea of an open system that gives power to the greater community. But, since blockchain is in its infancy, I think it should be approached with caution.


#23

Wow! read the original post 12 hours ago and came back to check in on things and I thought it was going to take me another 12 hours to read through the new posts. Looks like we have stired up some great conversation. I am certainly not a blockchain expert, infact from the posts, there are many people with more insight than I could provide. I do however think that decentralizing the system is the only way to make this model sustainable and continue to keep it community driven. The main reason I began digging into Mycroft.ai is that it is not locked down and controlled by the big name players. Mycroft.ai can be as good as I and the rest of the community desire it to be. From what I understand in the blockchain world there comes a point where transaction management becomes a diminishing return on the hardware investment. I want Mycroft.ai to continue to work 5 years from now, but I don’t want to keep having to add a new Mycroft or a new “pi hat” so that I can continue to ask it what the weather is like. When I came back to read the post I could not help but think that some of what we need is torrent related, thanks @erik. A while ago when bittorrents were the new blockchain many people were investigating how to leverage the benefits of bittorrents for distributed computing (here: http://www.cs.ucla.edu/classes/cs217/05BitTorrent.pdf, and here: https://eprints.utas.edu.au/270/1/comptorrent_techreport.pdf. My verdict at this point is we need much more conversation around this topic and the natural solutions will begin to float to the top. Great incite everyone, I can’t wait to come back in 12 hours and get caught up again.


#24

oh with

there wouldn’t be need for super-large processing power i would assume … proof of stake can improve efficiency there a lot =) … (and since more miners don’t speed up transactions but it’s only bigger/faster blocks … ; )

i like the idea and i see the benefits =)
but imho the drawbacks of blockchains are not to be underestimated … even vitalik is talking about years when referring to timeframe where he thinks sharding (ethereums attempt to scale better) will be ready …

In fact the safenetwork that i mentioned is using a DHT for routing/data storage/recovery like the kademlia dht torrent uses - they are related technology :wink:

anyway - i better stop here because otherwise i’d write long paragraphs and nobody of us could want that :smiley: [only one last thought - altcoin are easily possible on safe too - so you wouldn’t need to built your own technology but would simply use what ‘is there’ - i already created ridcoin on the alpha network xD someone made a token generator]
if anybody wants to know more i’m certainly up to a discussion in direct messages … but i don’t want to steer this discussion too far off topic or spam too much…

I do like the idea of decentralization and a token economy for microft! and i hope you find a fitting solution if you want to go this route :slight_smile:


#25

I’ve been involved in crypto for a LONG time, and while I think it’s neat to consider something like this, I don’t think it makes sense because there’s no value in the ledger. Using a P2P network (or a DHT like is being discussed above) would give you the same level of stability that cryptocurrencies enjoy. As long as the configuration database for each device was small enough to be distributed on a P2P network, thousands of configurations could be persisted and rebroadcast as necessary. There would have to be some sort of gatekeeper to prevent account spam, etc, but in the end I think it’s definitely possible to do this. Have a look at NANO for a novel idea on preventing spam - they force a proof of work onto the initiator of a transaction to prevent spam. Stealing ideas like that but throwing away the permanent ledger idea would be the way to go here. I never need to know how my device was configured 2 years ago.


#26

I like the idea of decentralized services. Handling these with Smart Contracts and thus with a blockchain application is also good.
However, the blockchain should be integrated in such a way that the user has little or nothing to do with it. This means that the wallet is invested automatically. Likewise, the transactions / micropayments must run automatically.
The creation of new coins should only be possible by providing services or resources for the distributed AI. The only exception is a pre-produced amount that can be purchased by users who do not want or cannot provide anything and to allow new users to start.
Relationships between the provision and consumption of services should also be defined. And privacy in the blockchain should also be protected. It goes without saying that the costs for digging must be low. Maybe you don’t have to invent a new cryptocurrency, but can build on a platform. Or you can benefit from the experience of projects like Siacoin or Storj.


#27

I think you should take a look at the distributed technology behind ‘BitChute’ (the new YouTube challenger), its only young but it is a great idea in that it is a Torrent based Mesh network (non-central botnet?).

The problem with using blockchain is that it is processing intensive (GPUs needed and its still quite slow) and some time the technology is difficult to integrate into other technology. While Torrent technology is relatively easy to implement (can even be implemented at the web level as well as ITP levels), can be programmed using many of the existing libraries and there are implementations that are very secure.

Each Mycroft would then only need a small server module, to run the mesh/torrent network and at the same time could also run a small server to store/cashe some of the information Mycroft needs to operate given the internet becoming unreliable (eg. a txt based backup of Wikipedia is around the 4Gb to 6Gb and that is an entire encyclopaedia on an SD card).

Hope I made sense?


#28

I think one of the most important things to consider is where the resources to build something like this would come from. More to the point, if money and time are spent to develop this, what is not being developed? And are those features that would not be developed, features that would drive user adoption and retention?

My worry is that by preparing for the doomsday (Mycroft AI going belly up), you may actually bring about the doomsday. If instead you focus on other core features, you may drive user adoption and retention up, which will contribute to the long term sustainability of the company (you’ll have revenue coming from device orders, it’ll be easier to convince other companies to work with you, it’ll be easier to secure investor funding, etc).

A few other random points:

  • A central governance isn’t necessarily a bad thing - look at the Linux Foundation, the Apache Foundation, the Free Software Foundation, or the Python Foundation. They all control portions of the technological world we’ve come to rely on and… well, that’s just fine.
  • There are other, more straightforward ways to make revenue, e.g. subscriptions, or a skill store (where Mycroft AI takes a cut of the sales - this also solves the developer incentive problem, as does the recent introduction of BountySource)
  • Bitcoin has forked several times, due to disagreement in the community. If Mycroftcoin isn’t perfect from the start, the same could happen to it.
  • There’s a huge amount of volatility in the value of cryptocurrencies - this seems like a problem not worth dealing with.
  • The reliability problem can probably be solved via other means, e.g. Terraform, Hashistack, and other infrastructure automation techniques.

In summation, I don’t really know enough about the technology to be opposed to it, or to suggest some other decentralized technology over it, but before you undertake this project, I’d rather see the focus remain on core features that will drive user adoption and retention, and simpler forms of revenue generation that will keep you around for the long term. The contingency plan in the short term can always be to open up all the backend code, and let the community take over.


#29

+1 on the skill store idea @Christopher_Rogers

Plus, going back to my market comment above this might be a way to differentiate and draw from the Amazon/Google/Apple/Microsoft crowd (an ability to do something special) rather than making Mycroft harder to deal with (per API call payments)


#30

sigh

I first recieved this email at around 1am and I thought it was a joke until I opened it in the morning.

this screams of a solution in search for a problem with a side of “we’d love to have some alternative revenue” to me.

The problem as described in the OP is to prevent obsolescence should things go tits up, ie the greatest of disaster recovery. A great ideal to see considered by the CEO and one many others wouldn’t even dare to touch with a ten foot pole.

This is a solved problem though.

There are other communities that have had to deal with this - particularly the gaming community. products are created and then abandoned or put through an incompatible upgrade path.

It’s the reason you can still create your own shard for ultima online when the game was launched 21 years ago - and it’s still going.

I don’t think complexity of self-hosting is a particularly good argument either - look at the sheer amount of children learning sysadmin functions through hosting minecraft.

One of the posters up above mentioned that it’s possible to already ‘roll your own’ control - could someone point me to that? this is an important feature for those with poor internet connectivity and people who want super secure (standalone) environments. If anything, this should be of primary focus - the community can choose who to trust that way should the worst happen.

That said - as already mentioned - there are other methods to allow a more ‘it just works’ zero-configuration model - DHT/bitorrent model.

Something unsaid here - if the tokens are basically worth anything - you’re inviting in what I’d consider an unsavory element. the mining community represents some of the worst excesses of our generation - and if there’s a way they can find to screw things up, they’ll find it.

Don’t believe me? have a look at twitter.com/buttcoin for at least some humorous examples.


#31

Definitely not for the faint of heart, but there is definitely a path forward for the Mycroft ecosystem if the company goes belly up, or abandons the home speaker market. If Google or Amazon abandoned their products there would be no path.


#32

It’s not clear to me what problem is being solved with this proposal. If it is a need for revenue, then there are many better ways - some have been suggested in the responses: If it is some sort of security or permanence, I would ask “Why”?

The ‘belly up’ scenario is very real - I have at least half a dozen devices that no longer function, and only one, after an uproar, got a refund from Google.

I would MUCH rather see a method of fremium, for example, and have effort go into the basic product. I have been very frustrated with each attempt to implement on RPi. It just doesn’t work! I have submitted logs to support and my queries remain ignored.

If the basics can’t be made to work then what is the point of the considerable complexity of blockchain? Get the basics right, I’d pay (and did support the original crowdfund).


#33

i will write a more extensive comment later on

i like this idea for a main reason, that is that a blockchain puts the user in control of the data (by having a private key), this means we could have the backend without trusting you

the blockchain is also harder to attack, and your backend gives trouble…well…quite often

for any sort of mining to work, we could maybe look into Aeon, this use cryptonight-light and should be minable in low end hardware, a mark1 must be able to mine and still run mycroft, which isnt that light

the second trouble would be blockchain bloat, i would like to point you to the mimble wimble protocol, https://github.com/mimblewimble/grin , https://github.com/mimblewimble/grin/blob/master/doc/grin4bitcoiners.md

the coins would be a reward for devs, since by creating things they could be paid in a coin they are directly giving value trough their contributions, the mandatory store that would accept these coins would be MycroftAI, but i dont see why other entities wouldnt be able/interested in investing

you could even make tokens represent a share of the company if desired, so by owning mycroft tokens you would own a part of the company

i will be back with more opinions :smiley:


#34

Good point on rewarding developers Jarbas. Mycroft could look into adopting a Colony like business model https://colony.io This approach would not only reward developers for contributing skills, it would reward those that improve the core technologies and bring in revenue. If Mycroft is seriously considering a crypto-economic business model, there has to be real compensation for those that provide value to the company, not just a few bucks for a skill. There is more to this than tokens, micropayments and distributed computing.


#35

good point @mycroft - this could then be extended to things like testing Skills - if somebody tests your Skill really thoroughly then we should have a mechanism for rewarding that because they are contributing to increased quality.


#36

Hey @mycroft and @KathyReid :slight_smile: the SAFE network which riddim and I mentioned has a fair reward also implemented. So… The more people use your app the more you get paid by the network :slightly_smiling_face: the core developer also get paid by the network for improving the code.
It would be a good investment for you to read a bit about what’s MaidSafe doing :+1:


#37

Thanks for the suggestion @DaGrizzly!


#38

One thing to keep in mind is that blockchain cryptocurrencies aren’t really private, and the ones that are private will probably be regulated out of existence. Not to mention that quantum computers might end up being able to read all of our existing public-key encrypted data (which is why post-quantum cryptography is being researched, but it’s nowhere near production-ready).

Also, keys leak, get compromised, etc. Users are usually pretty terrible at key-management, so “we’ll give the keys to the users” isn’t an effective solution to anything right now.

I don’t want my sensitive data stored for longer than it needs to be, or transmitted across any network unnecessarily, whether it’s encrypted or not.

I concur with the others who say that this looks like a solution in search of a problem.


#39

Also, be careful about trying to reward FOSS developers with money: The politics of who gets what can be really demotivating. See e.g. https://www.r-statistics.com/2010/09/open-source-and-money-why-paying-r-developers-might-not-always-help-the-project/

I suspect code quality also goes down when people start working on something with the expectation of being paid, rather than because it’s something they personally care about (and thus are likely to know more about).

I’m not saying don’t look into these things, but I am advising not to bet the farm on them. Many people have had these ideas before, and have failed. Unless you are well-researched and believe you understand why they failed and how you’re different, you should proceed cautiously, if at all.

Personally, my gut feeling is that cryptocurrency is a wasteful distraction in most cases—the software & regulatory frameworks aren’t really there yet, so you’ll waste a lot of time trying to build the cryptocurrency system, rather than your core product.